Analysis of Cybersecurity Program Placement: Political Science, Information Technology, Psychology, and Reporting Directly to the CEO
Establishing a cybersecurity program within a new university requires strategic consideration regarding its academic placement. The department’s location within the organization can significantly influence its curriculum, focus, and the type of students it attracts. Below is a comprehensive analysis of the pros and cons of placing the cybersecurity program under Political Science, Information Technology (IT), Psychology, and the possibility of having the program report directly to the CEO or university leadership.
1. Cybersecurity Under Political Science
Pros:
Policy and Governance Expertise: Political science departments focus on governance, public policy, and international relations. Housing a cybersecurity program here can emphasize areas like cyber policy, cyber warfare, and international cybersecurity laws. This is critical given the increasing intersection of cybersecurity and global politics.
Ethical and Legal Framework: The curriculum could focus on the legal and ethical considerations of cybersecurity, including international cyber laws, data privacy regulations, and the implications of government surveillance, preparing students for roles in cyber diplomacy, cybersecurity policy, or compliance.
Multidisciplinary Perspective: Cybersecurity, from a political science perspective, could foster collaboration with international relations, law, and economics departments, offering students a broader understanding of the societal impact of cyber threats.
Cons:
Lack of Technical Depth: A major drawback of placing cybersecurity under political science is the potential lack of emphasis on technical skills like encryption, network defense, and incident response. Students may miss out on hands-on experience with security software and hardware.
Limited Industry Focus: Many cybersecurity roles in the private sector require strong technical abilities. A political science-focused program may be seen as too niche, steering students toward government roles or policy work rather than broader cybersecurity positions in industries like finance, healthcare, or technology.
Risk of Overemphasis on Theory: While the study of cybersecurity governance is essential, overemphasis on theoretical frameworks without practical applications could limit the employability of graduates in more technical cybersecurity roles.
2. Cybersecurity Under Information Technology (IT)
Pros:
Technical Skills Development: Placing cybersecurity under IT would provide students with the necessary technical foundation, such as network security, cryptography, and penetration testing. IT departments typically have labs, technical infrastructure, and the practical focus required to develop strong hands-on skills.
Alignment with Industry Needs: A cybersecurity program rooted in IT would likely align well with industry standards and certifications (e.g., CompTIA Security+, CISSP). Graduates would be prepared for high-demand roles like security analysts, incident responders, and ethical hackers.
Integration of Cybersecurity into Existing IT Curriculum: The program could build on the existing strengths of the IT department by integrating courses on secure coding, system vulnerabilities, and threat management into the broader IT curriculum. This would benefit students seeking careers in both cybersecurity and IT infrastructure.
Cons:
Less Focus on Policy and Human Factors: A purely technical focus might lead to an underrepresentation of cybersecurity policy, governance, and the psychological aspects of security. Important areas like cyber laws, international regulations, and the human element of cybersecurity (e.g., social engineering) may not receive adequate coverage.
Narrow Specialization: While the technical depth would be a strength, there is a risk that students might not receive enough exposure to the ethical, legal, and psychological dimensions of cybersecurity. The program could miss out on producing well-rounded professionals capable of addressing both technical and non-technical challenges.
3. Cybersecurity Under Psychology
Pros:
Human-Centric Approach: Psychology can offer a unique focus on the human side of cybersecurity, including social engineering, insider threats, and human error. Understanding how psychological vulnerabilities can be exploited in cyberattacks (e.g., phishing) would be a key strength of the program.
Cyberpsychology and Behavioral Analysis: As cyberpsychology grows as a field, housing cybersecurity under psychology could lead to the development of a specialized track focused on how people interact with technology and how cyber threats exploit human behavior. This would be valuable for careers in user experience (UX) design, behavior-based security, and insider threat management.
Focus on Prevention and Intervention: A psychology-based program could emphasize the role of behavioral interventions in preventing cybercrime. It could explore how to reduce risky online behavior, rehabilitate cybercriminals, or promote secure digital practices among the general population.
Cons:
Lack of Technical Rigor: While understanding human behavior is critical in cybersecurity, a psychology-based program might lack the technical skills needed for students to excel in traditional cybersecurity roles. Hands-on technical experience with tools and technologies could be overshadowed by the emphasis on behavioral analysis.
Limited Career Opportunities: While the focus on the psychological elements of cybersecurity is valuable, it might narrow career opportunities. Many cybersecurity jobs require a strong technical background, and graduates of a psychology-focused program might need additional certifications or training to qualify for technical positions.
Niche Market Appeal: Graduates from a psychology-based program may primarily find roles in cyberpsychology, security awareness training, or behavioral analytics, which represent a smaller segment of the cybersecurity job market compared to technical roles like network defense or penetration testing.
4. Cybersecurity Reporting Directly to the CEO (or University Leadership)
Pros:
University-Wide Strategic Focus: Having the cybersecurity program report directly to the CEO (or university leadership) can elevate the importance of cybersecurity as a university-wide strategic initiative. This structure could encourage cross-departmental collaboration, integrating cybersecurity with IT, law, political science, and psychology departments. It signals that cybersecurity is a critical priority for the entire institution.
Flexible and Interdisciplinary Approach: A direct reporting line to the CEO could enable the program to develop a more interdisciplinary curriculum, drawing expertise from different fields. The flexibility could result in a curriculum that balances technical, policy, and psychological aspects of cybersecurity, providing students with a holistic education.
Leadership in Innovation: Placing cybersecurity at the top level of the university’s hierarchy could encourage innovation and research across multiple disciplines, promoting the university as a leader in cybersecurity education and thought leadership. This could also attract funding, partnerships, and industry collaborations.
Cons:
Potential Lack of Focus: Without being housed in a specific department, the cybersecurity program may lack a clear disciplinary focus. This could lead to confusion regarding its academic direction or dilute the depth of expertise in any one area (technical, policy, or behavioral).
Resource Allocation Challenges: Cybersecurity programs typically require specialized resources, from IT infrastructure to dedicated faculty. If the program is managed directly by leadership rather than a specific department, it could face challenges in securing the necessary resources, faculty, and support staff.
Coordination Complexity: Reporting to the CEO may introduce bureaucratic hurdles, making day-to-day academic decisions slower due to the need for approval from the highest levels of the university. There may also be challenges in aligning the program’s goals with the broader strategic vision of the university.
Conclusion
Each option for locating the cybersecurity program has its distinct advantages and challenges:
Political Science: Emphasizes policy, governance, and ethics, preparing students for roles in government, cyber diplomacy, or cybersecurity law, but may lack technical depth.
Information Technology: Focuses on the technical skills needed for a wide range of cybersecurity roles, aligning well with industry needs, but could underemphasize policy and human factors.
Psychology: Offers a human-centric approach, ideal for roles in behavioral analysis and social engineering defense, but may not provide sufficient technical training for many cybersecurity careers.
Reporting Directly to the CEO: Promotes a university-wide, interdisciplinary approach with strategic leadership, but may face challenges in maintaining focus and resource allocation.
The decision ultimately depends on the university’s vision for the program and the types of cybersecurity professionals it aims to develop. A multidisciplinary model, drawing on expertise from multiple departments, may offer the most comprehensive solution.

Recommendation To CEO:
Jaylen Hill

Preface
After further consideration, I believe that the Cybersecurity Department should be located under not what has been talked about above but by establishing it under something new and exciting- a Cyberpsychology department.

Pros:
Taking Advantage Of Something New-
I believe that because cyberpsychology is such a new but unique field, it can provide people who want to be involved in the world of cybersecurity with a brand new way or reinforce ideas about how ethical cybersecurity should be conducted- therefore creating new ideas and new opportunities for undergraduates in said department.
Getting with the times-
By studying all of the options before, a lot of the cons that were associated with IT- which is considered a great foundation for cybersecurity, is that it can lack a human centered approach. By it being more technical, it can not have deep commentary on how cybersecurity is both personal and impersonal and how both of those things intermingle. Therefore it’s important to establish some psychological approach that is based more on a technical level, so that undergraduates can have an understanding of what exactly they’re doing. Especially now since mental health is an integral part of society in the modern world.
The link between Psychology and Cybersecurity-
The basis of both of these disciplines, Psychology and Cybersecurity, is that they both have something in common that a lot of people gloss over- which is the importance of statistical data and other analytical data. Cybersecurity and psychology both get their research from conducting studies. Looking at data over years and years. Especially in psychology, which puts statistics on a pedestal. Because of these two common traits- it shouldn’t be that difficult for the latter to be on the same page when conducting more interesting and groundbreaking research.

Cons:
Risk of not having enough technicality-
Because of the focus of a more human centered approach by being under a cyber psychology department, we run the risk of not applying enough technical ability for undergraduates when it comes to being in the cybersecurity field. In the workplace, this could create a lot of problems for graduate students who are trying to look for jobs in the cybersecurity marketplace.
Program Growth-
Because of cyberpsychology being relatively new, it will be a challenge for already established psychologists and cybersecurity experts to help with the program’s growth.
May not appeal to some undergraduates-
Some undergraduates might not want to focus on a cyberpsychology department approach and would rather like to go forwards the more traditional, technical way of established cybersecurity graduates. And the fact that again as mentioned earlier, cyberpsychology isn’t exactly established as an huge field at the moment of me writing this

Conclusion:
In conclusion, because of the new innovation and research that can come from these two studies, I believe that by locating cybersecurity under cyberpsychology- it will lead to a new breed of enlightened thinkers that make us look differently about the issues that we face today, such as the confusing principle of privacy in today’s world, what makes hacking ethical and unethical, and how does the global village of information and communication aid us as a race and how does it affect others. Of course the cons make for an argument against cybersecurity being under psychology. But anything comes with negatives. However, anything new and exciting comes with growing pains. I would like to think that taking more risk allows for a more interesting and knowledgeable society more than a rigid structural society.